Locating bogus DNS info?
Tim Maestas
tmaestas at dnsconsultants.com
Sat Oct 27 18:42:48 UTC 2001
The gtld servers have gw.errno.com as a glue record
for some previous registration. That is why the
incorrect record is being handed out. You will need
to get your registrar to fix this. If you do a
whois "host gw.errno.com"@whois.networksolutions.com
you will see the host record.
-Tim
On Sat, 27 Oct 2001, Sam Leffler wrote:
>
> I've got a problem with the domain errno.com. I changed providers and
> updated my info at NSI on 9/5/01. Everything seemed ok, but now the
> top-level servers show an old address for a host in my domain. I'm trying to
> understand who's supplying the bogus info.
>
> Here's a top-level server:
>
> gw% dig gw.errno.com @b.gtld-servers.net
>
> ; <<>> DiG 8.3 <<>> gw.errno.com @b.gtld-servers.net
> ; (1 server found)
> ;; res options: init recurs defnam dnsrch
> ;; got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
> ;; flags: qr rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
> ;; QUERY SECTION:
> ;; gw.errno.com, type = A, class = IN
>
> ;; ANSWER SECTION:
> gw.errno.com. 2D IN A 209.212.166.34
>
> ;; AUTHORITY SECTION:
> errno.com. 2D IN NS BOOG.BUBBLES.com.
> errno.com. 2D IN NS NS.errno.com.
>
> ;; ADDITIONAL SECTION:
> BOOG.BUBBLES.com. 2D IN A 206.169.163.1
> NS.errno.com. 2D IN A 66.124.149.177
>
> ;; Total query time: 19 msec
> ;; FROM: gw.errno.com to SERVER: b.gtld-servers.net 192.33.14.30
> ;; WHEN: Sat Oct 27 10:39:18 2001
> ;; MSG SIZE sent: 30 rcvd: 122
>
> However if you query either NS for the domain you get the right info:
>
> gw% dig gw.errno.com @ns.errno.com
>
> ; <<>> DiG 8.3 <<>> gw.errno.com @ns.errno.com
> ; (1 server found)
> ;; res options: init recurs defnam dnsrch
> ;; got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
> ;; QUERY SECTION:
> ;; gw.errno.com, type = A, class = IN
>
> ;; ANSWER SECTION:
> gw.errno.com. 1H IN A 66.124.149.177
>
> ;; AUTHORITY SECTION:
> errno.com. 1H IN NS ns.errno.com.
> errno.com. 1H IN NS boog.bubbles.com.
>
> ;; ADDITIONAL SECTION:
> ns.errno.com. 1H IN A 66.124.149.177
> boog.bubbles.com. 3h35m38s IN A 206.169.163.1
>
> ;; Total query time: 6 msec
> ;; FROM: gw.errno.com to SERVER: ns.errno.com 66.124.149.177
> ;; WHEN: Sat Oct 27 10:44:13 2001
> ;; MSG SIZE sent: 30 rcvd: 122
>
> gw% dig gw.errno.com @boog.bubbles.com
>
> ; <<>> DiG 8.3 <<>> gw.errno.com @boog.bubbles.com
> ; (1 server found)
> ;; res options: init recurs defnam dnsrch
> ;; got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
> ;; QUERY SECTION:
> ;; gw.errno.com, type = A, class = IN
>
> ;; ANSWER SECTION:
> gw.errno.com. 1H IN A 66.124.149.177
>
> ;; Total query time: 60 msec
> ;; FROM: gw.errno.com to SERVER: boog.bubbles.com 206.169.163.1
> ;; WHEN: Sat Oct 27 10:44:28 2001
> ;; MSG SIZE sent: 30 rcvd: 46
>
> So where is the old info for gw.errno.com coming from? I previously was
> connected to rhythms.net. Now my service is through pbi.net. Whois info at
> network solutions shows the correct/updated info. Could they be propagating
> the wrong data to the root servers? If so, how do I get this corrected (I
> already tried going through the 1st level tech service but they were
> clueless)?
>
> Sam
>
>
>
>
More information about the bind-users
mailing list